CVE-2026-27663
Denial-of-Service in Siemens CPCI85 and RTUM85 via Resource Exhaustion
Publication date: 2026-03-26
Last updated on: 2026-04-14
Assigner: Siemens AG
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | cpci85 | all versions before V26.10 (26.10 excluded) |
| siemens | rtum85 | all versions before V26.10 (26.10 excluded) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2026-27663 is a denial-of-service (DoS) vulnerability found in Siemens CPCI85 Central Processing/Communication and RTUM85 RTU Base products in all versions prior to V26.10.
The vulnerability occurs in remote operation mode, where a high volume of requests can cause resource exhaustion. In other words, a sufficiently large number of requests can deplete system resources, preventing the device from performing parameterization and requiring a reset or reboot to restore normal functionality.
It is classified under CWE-770: Allocation of Resources Without Limits or Throttling.
How can this vulnerability impact me?
This vulnerability can impact you by causing a denial-of-service condition in affected Siemens devices. When exploited, the system's resources can be exhausted by a high volume of remote requests, which prevents normal operations such as parameterization.
As a result, the affected device may become unresponsive and require a reset or reboot to restore functionality, potentially leading to downtime or disruption of critical services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a denial-of-service (DoS) caused by resource exhaustion when the affected devices are subjected to a high volume of requests in remote operation mode.
Detection would involve monitoring for unusual or excessive request traffic to the CPCI85 or RTUM85 devices while they are in remote operation mode, since such traffic may lead to resource exhaustion, and watching for the symptom itself: a device that stops accepting parameterization and needs a reset or reboot to recover.
Specific commands or tools to detect this vulnerability are not provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to update the affected firmware to version V26.10 or later, as this resolves the vulnerability.
Additional recommended measures include protecting network access to the affected devices using firewalls, network segmentation, and VPNs.
Configuring devices according to operational guidelines and ensuring supervision of the update process by trained personnel are also advised.
Operators of critical power systems should ensure multi-level redundant secondary protection schemes to minimize cyber incident risks.